Updated to [email protected] #2

Open
wants to merge 26 commits into
base: main

Helios-vmg
No description provided.

Scout Report - Workspace - 2025-01-20

Summary

Crate Status Critical Medium Minor Enhancement
governance Analyzed 8 3 0 7

Issues found:

Known Bugs

Known Vulnerabilities

Impact: Medium

Issue: This dependency has known vulnerabilities. Consider updating it or removing it.

Description: Using dependencies with known vulnerabilities can expose your project to security risks

Learn More

Findings

ID Package File Location
3 src lib.rs:1:1 - 1:1

Arithmetic

Integer Overflow Or Underflow

Impact: Critical

Issue: Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.

Description: An overflow/underflow is typically caught and generates an error. When it is not caught, the operation will result in an inexact result which could lead to serious problems.

Learn More

Findings

ID Package File Location
5 src lib.rs:124:9 - 124:30
6 src lib.rs:134:30 - 134:55
7 src lib.rs:177:13 - 177:41
8 src lib.rs:179:13 - 179:41
10 src lib.rs:194:27 - 194:76
11 src lib.rs:195:40 - 195:76
12 src lib.rs:197:12 - 197:56
13 src lib.rs:205:20 - 205:79

Error Handling

Assert Violation

Impact: Enhancement

Issue: Assert causes panic. Instead, return a proper error.

Description: Using assert! macro in production code can cause unexpected panics. This violates best practices for smart contract error handling.

Learn More

Findings

ID Package File Location
0 src lib.rs:90:28 - 90:55
1 src lib.rs:162:9 - 162:49
2 src lib.rs:190:9 - 190:68

Unsafe Unwrap

Impact: Medium

Issue: Unsafe usage of unwrap

Description: This vulnerability class pertains to the inappropriate usage of the unwrap method in Rust, which is commonly employed for error handling. The unwrap method retrieves the inner value of an Option or Result, but if an error or None occurs, it triggers a panic and crashes the program.

Learn More

Findings

ID Package File Location
9 src lib.rs:203:34 - 203:73
14 src lib.rs:240:24 - 244:22

Best Practices

Soroban Version

Impact: Enhancement

Issue: Use the latest version of Soroban

Description: Using an older version of Soroban can be dangerous, as it may have bugs or security issues. Use the latest version available.

Learn More

Findings

ID Package File Location
4 src lib.rs:1:1 - 1:1

Storage Change Events

Impact: Enhancement

Issue: Consider emitting an event when storage is modified

Description: Emitting an event when storage changes is a good practice to make the contracts more transparent and usable to its clients and observers

Learn More

Findings

ID Package File Location
15 src lib.rs:110:5 - 116:30
16 src lib.rs:147:5 - 152:30
17 src lib.rs:70:5 - 77:30

Scout Report - Scoutme - 2025-01-29

Summary

Crate Status Critical Medium Minor Enhancement
governance Analyzed 8 3 0 7

Issues found:

Arithmetic

Integer Overflow Or Underflow

Impact: Critical

Issue: Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.

Description: An overflow/underflow is typically caught and generates an error. When it is not caught, the operation will result in an inexact result which could lead to serious problems.

Learn More

Findings

ID Package File Location
5 src lib.rs:124:9 - 124:30
6 src lib.rs:134:30 - 134:55
7 src lib.rs:177:13 - 177:41
8 src lib.rs:179:13 - 179:41
10 src lib.rs:194:27 - 194:76
11 src lib.rs:195:40 - 195:76
12 src lib.rs:197:12 - 197:56
13 src lib.rs:205:20 - 205:79

Best Practices

Soroban Version

Impact: Enhancement

Issue: Use the latest version of Soroban

Description: Using an older version of Soroban can be dangerous, as it may have bugs or security issues. Use the latest version available.

Learn More

Findings

ID Package File Location
4 src lib.rs:1:1 - 1:1

Storage Change Events

Impact: Enhancement

Issue: Consider emitting an event when storage is modified

Description: Emitting an event when storage changes is a good practice to make the contracts more transparent and usable to its clients and observers

Learn More

Findings

ID Package File Location
15 src lib.rs:147:5 - 152:30
16 src lib.rs:110:5 - 116:30
17 src lib.rs:70:5 - 77:30

Error Handling

Assert Violation

Impact: Enhancement

Issue: Assert causes panic. Instead, return a proper error.

Description: Using assert! macro in production code can cause unexpected panics. This violates best practices for smart contract error handling.

Learn More

Findings

ID Package File Location
0 src lib.rs:90:28 - 90:55
1 src lib.rs:162:9 - 162:49
2 src lib.rs:190:9 - 190:68

Unsafe Unwrap

Impact: Medium

Issue: Unsafe usage of unwrap

Description: This vulnerability class pertains to the inappropriate usage of the unwrap method in Rust, which is commonly employed for error handling. The unwrap method retrieves the inner value of an Option or Result, but if an error or None occurs, it triggers a panic and crashes the program.

Learn More

Findings

ID Package File Location
9 src lib.rs:203:34 - 203:73
14 src lib.rs:240:24 - 244:22

Known Bugs

Known Vulnerabilities

Impact: Medium

Issue: This dependency has known vulnerabilities. Consider updating it or removing it.

Description: Using dependencies with known vulnerabilities can expose your project to security risks

Learn More

Findings

ID Package File Location
3 src lib.rs:1:1 - 1:1

Scout Report - Scoutme - 2025-01-29

Summary

Crate Status Critical Medium Minor Enhancement
governance Analyzed 8 3 0 7

Issues found:

Error Handling

Assert Violation

Impact: Enhancement

Issue: Assert causes panic. Instead, return a proper error.

Description: Using assert! macro in production code can cause unexpected panics. This violates best practices for smart contract error handling.

Learn More

Findings

ID Package File Location
0 src lib.rs:90:28 - 90:55
1 src lib.rs:162:9 - 162:49
2 src lib.rs:190:9 - 190:68

Unsafe Unwrap

Impact: Medium

Issue: Unsafe usage of unwrap

Description: This vulnerability class pertains to the inappropriate usage of the unwrap method in Rust, which is commonly employed for error handling. The unwrap method retrieves the inner value of an Option or Result, but if an error or None occurs, it triggers a panic and crashes the program.

Learn More

Findings

ID Package File Location
9 src lib.rs:203:34 - 203:73
14 src lib.rs:240:24 - 244:22

Best Practices

Soroban Version

Impact: Enhancement

Issue: Use the latest version of Soroban

Description: Using an older version of Soroban can be dangerous, as it may have bugs or security issues. Use the latest version available.

Learn More

Findings

ID Package File Location
4 src lib.rs:1:1 - 1:1

Storage Change Events

Impact: Enhancement

Issue: Consider emitting an event when storage is modified

Description: Emitting an event when storage changes is a good practice to make the contracts more transparent and usable to its clients and observers

Learn More

Findings

ID Package File Location
15 src lib.rs:70:5 - 77:30
16 src lib.rs:147:5 - 152:30
17 src lib.rs:110:5 - 116:30

Arithmetic

Integer Overflow Or Underflow

Impact: Critical

Issue: Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.

Description: An overflow/underflow is typically caught and generates an error. When it is not caught, the operation will result in an inexact result which could lead to serious problems.

Learn More

Findings

ID Package File Location
5 src lib.rs:124:9 - 124:30
6 src lib.rs:134:30 - 134:55
7 src lib.rs:177:13 - 177:41
8 src lib.rs:179:13 - 179:41
10 src lib.rs:194:27 - 194:76
11 src lib.rs:195:40 - 195:76
12 src lib.rs:197:12 - 197:56
13 src lib.rs:205:20 - 205:79

Known Bugs

Known Vulnerabilities

Impact: Medium

Issue: This dependency has known vulnerabilities. Consider updating it or removing it.

Description: Using dependencies with known vulnerabilities can expose your project to security risks

Learn More

Findings

ID Package File Location
3 src lib.rs:1:1 - 1:1

Scout Report - Scoutme - 2025-01-29

Summary

Crate Status Critical Medium Minor Enhancement
governance Analyzed 8 3 0 7

Issues found:

Known Bugs

Known Vulnerabilities

Impact: Medium

Issue: This dependency has known vulnerabilities. Consider updating it or removing it.

Description: Using dependencies with known vulnerabilities can expose your project to security risks

Learn More

Findings

ID Package File Location
3 src lib.rs:1:1 - 1:1

Error Handling

Assert Violation

Impact: Enhancement

Issue: Assert causes panic. Instead, return a proper error.

Description: Using assert! macro in production code can cause unexpected panics. This violates best practices for smart contract error handling.

Learn More

Findings

ID Package File Location
0 src lib.rs:90:28 - 90:55
1 src lib.rs:162:9 - 162:49
2 src lib.rs:190:9 - 190:68

Unsafe Unwrap

Impact: Medium

Issue: Unsafe usage of unwrap

Description: This vulnerability class pertains to the inappropriate usage of the unwrap method in Rust, which is commonly employed for error handling. The unwrap method retrieves the inner value of an Option or Result, but if an error or None occurs, it triggers a panic and crashes the program.

Learn More

Findings

ID Package File Location
9 src lib.rs:203:34 - 203:73
14 src lib.rs:240:24 - 244:22

Best Practices

Soroban Version

Impact: Enhancement

Issue: Use the latest version of Soroban

Description: Using an older version of Soroban can be dangerous, as it may have bugs or security issues. Use the latest version available.

Learn More

Findings

ID Package File Location
4 src lib.rs:1:1 - 1:1

Storage Change Events

Impact: Enhancement

Issue: Consider emitting an event when storage is modified

Description: Emitting an event when storage changes is a good practice to make the contracts more transparent and usable to its clients and observers

Learn More

Findings

ID Package File Location
15 src lib.rs:110:5 - 116:30
16 src lib.rs:70:5 - 77:30
17 src lib.rs:147:5 - 152:30

Arithmetic

Integer Overflow Or Underflow

Impact: Critical

Issue: Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.

Description: An overflow/underflow is typically caught and generates an error. When it is not caught, the operation will result in an inexact result which could lead to serious problems.

Learn More

Findings

ID Package File Location
5 src lib.rs:124:9 - 124:30
6 src lib.rs:134:30 - 134:55
7 src lib.rs:177:13 - 177:41
8 src lib.rs:179:13 - 179:41
10 src lib.rs:194:27 - 194:76
11 src lib.rs:195:40 - 195:76
12 src lib.rs:197:12 - 197:56
13 src lib.rs:205:20 - 205:79

Scout Report - Scoutme - 2025-01-29

Summary

Crate Status Critical Medium Minor Enhancement
governance Analyzed 8 3 0 7

Issues found:

Best Practices

Soroban Version

Impact: Enhancement

Issue: Use the latest version of Soroban

Description: Using an older version of Soroban can be dangerous, as it may have bugs or security issues. Use the latest version available.

Learn More

Findings

ID Package File Location
4 src lib.rs:1:1 - 1:1

Storage Change Events

Impact: Enhancement

Issue: Consider emitting an event when storage is modified

Description: Emitting an event when storage changes is a good practice to make the contracts more transparent and usable to its clients and observers

Learn More

Findings

ID Package File Location
15 src lib.rs:70:5 - 77:30
16 src lib.rs:110:5 - 116:30
17 src lib.rs:147:5 - 152:30

Known Bugs

Known Vulnerabilities

Impact: Medium

Issue: This dependency has known vulnerabilities. Consider updating it or removing it.

Description: Using dependencies with known vulnerabilities can expose your project to security risks

Learn More

Findings

ID Package File Location
3 src lib.rs:1:1 - 1:1

Arithmetic

Integer Overflow Or Underflow

Impact: Critical

Issue: Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.

Description: An overflow/underflow is typically caught and generates an error. When it is not caught, the operation will result in an inexact result which could lead to serious problems.

Learn More

Findings

ID Package File Location
5 src lib.rs:124:9 - 124:30
6 src lib.rs:134:30 - 134:55
7 src lib.rs:177:13 - 177:41
8 src lib.rs:179:13 - 179:41
10 src lib.rs:194:27 - 194:76
11 src lib.rs:195:40 - 195:76
12 src lib.rs:197:12 - 197:56
13 src lib.rs:205:20 - 205:79

Error Handling

Assert Violation

Impact: Enhancement

Issue: Assert causes panic. Instead, return a proper error.

Description: Using assert! macro in production code can cause unexpected panics. This violates best practices for smart contract error handling.

Learn More

Findings

ID Package File Location
0 src lib.rs:90:28 - 90:55
1 src lib.rs:162:9 - 162:49
2 src lib.rs:190:9 - 190:68

Unsafe Unwrap

Impact: Medium

Issue: Unsafe usage of unwrap

Description: This vulnerability class pertains to the inappropriate usage of the unwrap method in Rust, which is commonly employed for error handling. The unwrap method retrieves the inner value of an Option or Result, but if an error or None occurs, it triggers a panic and crashes the program.

Learn More

Findings

ID Package File Location
9 src lib.rs:203:34 - 203:73
14 src lib.rs:240:24 - 244:22

Scout Report - Scoutme - 2025-01-30

Summary

Crate Status Critical Medium Minor Enhancement
governance Analyzed 8 3 0 7

Issues found:

Best Practices

Soroban Version

Impact: Enhancement

Issue: Use the latest version of Soroban

Description: Using an older version of Soroban can be dangerous, as it may have bugs or security issues. Use the latest version available.

Learn More

Findings

ID Package File Location
4 src lib.rs:1:1 - 1:1

Storage Change Events

Impact: Enhancement

Issue: Consider emitting an event when storage is modified

Description: Emitting an event when storage changes is a good practice to make the contracts more transparent and usable to its clients and observers

Learn More

Findings

ID Package File Location
15 src lib.rs:110:5 - 116:30
16 src lib.rs:70:5 - 77:30
17 src lib.rs:147:5 - 152:30

Error Handling

Assert Violation

Impact: Enhancement

Issue: Assert causes panic. Instead, return a proper error.

Description: Using assert! macro in production code can cause unexpected panics. This violates best practices for smart contract error handling.

Learn More

Findings

ID Package File Location
0 src lib.rs:90:28 - 90:55
1 src lib.rs:162:9 - 162:49
2 src lib.rs:190:9 - 190:68

Unsafe Unwrap

Impact: Medium

Issue: Unsafe usage of unwrap

Description: This vulnerability class pertains to the inappropriate usage of the unwrap method in Rust, which is commonly employed for error handling. The unwrap method retrieves the inner value of an Option or Result, but if an error or None occurs, it triggers a panic and crashes the program.

Learn More

Findings

ID Package File Location
9 src lib.rs:203:34 - 203:73
14 src lib.rs:240:24 - 244:22

Arithmetic

Integer Overflow Or Underflow

Impact: Critical

Issue: Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.

Description: An overflow/underflow is typically caught and generates an error. When it is not caught, the operation will result in an inexact result which could lead to serious problems.

Learn More

Findings

ID Package File Location
5 src lib.rs:124:9 - 124:30
6 src lib.rs:134:30 - 134:55
7 src lib.rs:177:13 - 177:41
8 src lib.rs:179:13 - 179:41
10 src lib.rs:194:27 - 194:76
11 src lib.rs:195:40 - 195:76
12 src lib.rs:197:12 - 197:56
13 src lib.rs:205:20 - 205:79

Known Bugs

Known Vulnerabilities

Impact: Medium

Issue: This dependency has known vulnerabilities. Consider updating it or removing it.

Description: Using dependencies with known vulnerabilities can expose your project to security risks

Learn More

Findings

ID Package File Location
3 src lib.rs:1:1 - 1:1

Scout Report - Scoutme - 2025-01-30

Summary

Crate Status Critical Medium Minor Enhancement
governance Analyzed 8 3 0 7

Issues found:

Error Handling

Assert Violation

Impact: Enhancement

Issue: Assert causes panic. Instead, return a proper error.

Description: Using assert! macro in production code can cause unexpected panics. This violates best practices for smart contract error handling.

Learn More

Findings

ID Package File Location
0 src lib.rs:90:28 - 90:55
1 src lib.rs:162:9 - 162:49
2 src lib.rs:190:9 - 190:68

Unsafe Unwrap

Impact: Medium

Issue: Unsafe usage of unwrap

Description: This vulnerability class pertains to the inappropriate usage of the unwrap method in Rust, which is commonly employed for error handling. The unwrap method retrieves the inner value of an Option or Result, but if an error or None occurs, it triggers a panic and crashes the program.

Learn More

Findings

ID Package File Location
9 src lib.rs:203:34 - 203:73
14 src lib.rs:240:24 - 244:22

Known Bugs

Known Vulnerabilities

Impact: Medium

Issue: This dependency has known vulnerabilities. Consider updating it or removing it.

Description: Using dependencies with known vulnerabilities can expose your project to security risks

Learn More

Findings

ID Package File Location
3 src lib.rs:1:1 - 1:1

Arithmetic

Integer Overflow Or Underflow

Impact: Critical

Issue: Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.

Description: An overflow/underflow is typically caught and generates an error. When it is not caught, the operation will result in an inexact result which could lead to serious problems.

Learn More

Findings

ID Package File Location
5 src lib.rs:124:9 - 124:30
6 src lib.rs:134:30 - 134:55
7 src lib.rs:177:13 - 177:41
8 src lib.rs:179:13 - 179:41
10 src lib.rs:194:27 - 194:76
11 src lib.rs:195:40 - 195:76
12 src lib.rs:197:12 - 197:56
13 src lib.rs:205:20 - 205:79

Best Practices

Soroban Version

Impact: Enhancement

Issue: Use the latest version of Soroban

Description: Using an older version of Soroban can be dangerous, as it may have bugs or security issues. Use the latest version available.

Learn More

Findings

ID Package File Location
4 src lib.rs:1:1 - 1:1

Storage Change Events

Impact: Enhancement

Issue: Consider emitting an event when storage is modified

Description: Emitting an event when storage changes is a good practice to make the contracts more transparent and usable to its clients and observers

Learn More

Findings

ID Package File Location
15 src lib.rs:70:5 - 77:30
16 src lib.rs:147:5 - 152:30
17 src lib.rs:110:5 - 116:30

Scout Report - Scoutme - 2025-01-30

Summary

Crate Status Critical Medium Minor Enhancement
governance Analyzed 8 3 0 7

Issues found:

Known Bugs

Known Vulnerabilities

Impact: Medium

Issue: This dependency has known vulnerabilities. Consider updating it or removing it.

Description: Using dependencies with known vulnerabilities can expose your project to security risks

Learn More

Findings

ID Package File Location
3 src lib.rs:1:1 - 1:1

Arithmetic

Integer Overflow Or Underflow

Impact: Critical

Issue: Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.

Description: An overflow/underflow is typically caught and generates an error. When it is not caught, the operation will result in an inexact result which could lead to serious problems.

Learn More

Findings

ID Package File Location
5 src lib.rs:124:9 - 124:30
6 src lib.rs:134:30 - 134:55
7 src lib.rs:177:13 - 177:41
8 src lib.rs:179:13 - 179:41
10 src lib.rs:194:27 - 194:76
11 src lib.rs:195:40 - 195:76
12 src lib.rs:197:12 - 197:56
13 src lib.rs:205:20 - 205:79

Error Handling

Assert Violation

Impact: Enhancement

Issue: Assert causes panic. Instead, return a proper error.

Description: Using assert! macro in production code can cause unexpected panics. This violates best practices for smart contract error handling.

Learn More

Findings

ID Package File Location
0 src lib.rs:90:28 - 90:55
1 src lib.rs:162:9 - 162:49
2 src lib.rs:190:9 - 190:68

Unsafe Unwrap

Impact: Medium

Issue: Unsafe usage of unwrap

Description: This vulnerability class pertains to the inappropriate usage of the unwrap method in Rust, which is commonly employed for error handling. The unwrap method retrieves the inner value of an Option or Result, but if an error or None occurs, it triggers a panic and crashes the program.

Learn More

Findings

ID Package File Location
9 src lib.rs:203:34 - 203:73
14 src lib.rs:240:24 - 244:22

Best Practices

Soroban Version

Impact: Enhancement

Issue: Use the latest version of Soroban

Description: Using an older version of Soroban can be dangerous, as it may have bugs or security issues. Use the latest version available.

Learn More

Findings

ID Package File Location
4 src lib.rs:1:1 - 1:1

Storage Change Events

Impact: Enhancement

Issue: Consider emitting an event when storage is modified

Description: Emitting an event when storage changes is a good practice to make the contracts more transparent and usable to its clients and observers

Learn More

Findings

ID Package File Location
15 src lib.rs:110:5 - 116:30
16 src lib.rs:70:5 - 77:30
17 src lib.rs:147:5 - 152:30
